<?php
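	// Access gate for the user-edit page: the request must belong to a
	// logged-in session whose account is in group "1" or "-1". Every failure
	// path redirects and then die()s, so nothing below runs for other callers.
	//
	// Open the session only when none is active yet. The previous form called
	// session_start() unconditionally (and again on failure), which raises a
	// notice whenever the including script has already started the session.
	if (session_id() === '') {
		session_start();
	}
	if (!isset($_SESSION['kiemtradangnhapthinguyet']) || $_SESSION['kiemtradangnhapthinguyet'] != 1) {
		header('location: ../../../index.php');
		die();
	}
	// Fail closed when the session carries the "logged in" flag but no account
	// record (or a record without a group): previously this read an undefined
	// index and relied on null comparing unequal to both group ids.
	$user_dangnhap = isset($_SESSION["taikhoandangnhapthinguyet"]) ? $_SESSION["taikhoandangnhapthinguyet"] : null;
	if (!isset($user_dangnhap['idgroup'])
		|| ($user_dangnhap['idgroup'] != "1" && $user_dangnhap['idgroup'] != "-1")) {
		header('location: index.php');
		die();
	}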
	
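	// Name of the managed entity; used to build the "?p=<table>_..." page links.
	$table = "user";
	// Resolve the id of the account being edited. The edit form posts back to
	// "index.php?p=user_sua" with the id in a hidden field and no "id" in the
	// query string, so $_GET['id'] is absent on every submit; reading it
	// unguarded raised an undefined-index notice. A non-empty POST value still
	// takes precedence. Only string values are accepted, so an "id[]=..."
	// array parameter cannot reach the lookup or the template.
	$id = (isset($_GET['id']) && is_string($_GET['id'])) ? $_GET['id'] : null;
	if (isset($_POST["id"]) && is_string($_POST["id"]) && $_POST["id"] !== "")
		$id = $_POST['id'];
	// NOTE(review): $id is request-controlled and is handed to get_by_thutu()
	// as received; whether that method binds it as a query parameter is not
	// visible in this file - confirm. The return value for an unknown id is
	// also not visible here, and the code below reads $record without checking.
	$record = $class_user->get_by_thutu($id);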
	
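	// Handle a submitted edit form for the account loaded into $record.
	//
	// NOTE(review): nothing in this handler verifies an anti-CSRF token, and
	// the form in this file does not send one; this is a state-changing
	// request that can alter an account's group and password.
	//
	// Request fields that must all be present before a submission is processed.
	$check_isset = array(
		'id',
		'username',
		'old_password',
		'new_password',
		'hoten',
		'diachi',
		'dienthoai',
		'email',
		'idgroup',
		'anhien'
	);
	// Fields that select the "change password" path below.
	$check_empty = array(
		'id',
		'old_password',
		'new_password'
	);
	if ($db->check_isset($check_isset)) {
		// Columns carried over unchanged from the stored record.
		$password = $record["password"];
		$thutu = $record["thutu"];
		$ngay = $record["ngay"];

		if (empty ($_POST["username"])) {
			?>
				<script language="javascript">alert("Not enough information!");</script>
			<?php
		}else {
			// Value written to the password column: the stored one unless a
			// password change is requested and the old password verifies.
			$password_moi = $password;
			$tiep_tuc = true;

			// Presumably true only when every listed field is non-empty, i.e.
			// both password boxes were filled in - confirm against the $db helper.
			if ($db->check_empty($check_empty)) {
				// Stored format is "<md5 hex>:<salt>". The old password is
				// checked against the record being edited.
				list($md5pass, $saltpass) = explode (":", $password);
				// Strict comparison: with == two digests that both look like
				// "0e<digits>" are compared as numbers and treated as equal.
				if (md5($_POST["old_password"] . $saltpass) === $md5pass) {
					// Start from an empty salt; the loop previously appended to
					// whatever $salt already held in the including scope.
					$salt = '';
					for ($i=0; $i<=32; $i++) {
						$d=rand(1,30)%2;
						$salt .= $d ? chr(rand(65,90)) : chr(rand(48,57));
					}
					// NOTE(review): salted MD5 is a fast hash and rand() is not
					// a CSPRNG. password_hash()/password_verify() is the fix,
					// but the login code that reads this "md5:salt" value is
					// not visible here, so the stored format is kept as is.
					$hashed = md5($_POST["new_password"] . $salt);
					$encrypted = $hashed . ':' . $salt;
					$password_moi = $encrypted;
				}else {
					$tiep_tuc = false;
					?>
						<script language="javascript">alert("Password is not correct!");</script>
					<?php
				}
			}

			// Both paths (with and without a password change) share the same
			// username validation and update; they used to be two copies that
			// differed only in the password value.
			if ($tiep_tuc) {
				if (strlen($_POST["username"])>5) {
					// The username may only be kept if no *other* account has it.
					$check_username = $class_user->get_by_username($_POST["username"]);
					$flag = 0;
					if ($check_username!="" && $check_username['id']!=$id)
						$flag = 1;
					if ($flag == 1) {
						?>
							<script language="javascript">alert("Trùng username!");</script>
						<?php
					}else {
						// NOTE(review): idgroup and anhien are stored exactly as
						// posted although the form only offers 0 and 1; the access
						// check at the top of this file also accepts group "-1",
						// so consider allow-listing both values here.
						// NOTE(review): $record is reassigned from the loaded row
						// to a user object, while the form template below still
						// indexes $record as an array - confirm location() stops
						// rendering.
						$record = new user;
						$record->dt_set_id($id);
						$record->dt_set_username($_POST["username"]);
						$record->dt_set_password($password_moi);
						$record->dt_set_hoten($_POST["hoten"]);
						$record->dt_set_diachi($_POST["diachi"]);
						$record->dt_set_dienthoai($_POST["dienthoai"]);
						$record->dt_set_email($_POST["email"]);
						$record->dt_set_idgroup($_POST["idgroup"]);
						$record->dt_set_thutu($thutu);
						$record->dt_set_ngay($ngay);
						$record->dt_set_anhien($_POST["anhien"]);

						$record->update();
						?>
							<script language="javascript">alert("Sửa dữ liệu thành công!");</script>
						<?php
						location('index.php?p='.$table.'_quanly');
					}
				}else {
					?>
						<script language="javascript">alert("Username phải có ít nhất 6 ký tự!");</script>
					<?php
				}
			}
		}
	}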

?>	
<script type="text/javascript">
/**
 * onSubmit guard for the edit form: blocks submission while the username
 * field is empty and tells the user why.
 *
 * This is a convenience check only; it runs in the browser and can be
 * skipped, so the server-side handler must validate the same field.
 *
 * @returns {boolean} true to let the form submit, false to cancel it.
 */
function isTest() {
	var usernameField = document.getElementById("username");
	var hasUsername = usernameField.value != "";

	if (!hasUsername) {
		alert("You have not entered enough information.");
	}

	return hasUsername;
}
</script>			
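            	<?php
            	// Edit form for one user account.
            	//
            	// Every request- or database-derived value is HTML-escaped at the point
            	// where it is echoed. $id is taken from $_GET/$_POST, and the $record
            	// fields are profile data written from earlier form posts; all of them
            	// are printed inside double-quoted attribute values, so an unescaped
            	// quote would let the value break out of the attribute.
            	// NOTE(review): if the data layer already stores entity-encoded text,
            	// these calls will double-encode it - confirm how values are stored.
            	// NOTE(review): the form sends no anti-CSRF token.
            	?>
            	<div class="dangnhap_title">
                <a href="index.php" style="color:#F8991D;" title="Trang chủ">Trang chủ</a>
                <span style="font-size:9px;">>></span> 
                Hệ thống
                <span style="font-size:9px;">>></span> 
                <a href="index.php?p=<?php echo $table; ?>_quanly" style="color:#F8991D;">Thành viên</a> 
            	</div>
            	<form method="post" action="index.php?p=<?php echo $table; ?>_sua" onSubmit="return isTest();">
            	<input type="hidden" name="id" value="<?php echo htmlspecialchars((string) $id, ENT_QUOTES, 'UTF-8'); ?>" />
                <div class="dangnhap_col">
                    <div class="dangnhap_col_title" style="font-size:22px; color:#0E6BBB; width: 90%;">
                        Vietnamese's Information
                    </div>
                </div>
                <div class="dangnhap_col">
                    <div class="dangnhap_col_title">
                        &nbsp; &nbsp; &nbsp;- Username:
                    </div>
                    <div class="dangnhap_col_input">
                        <input type="text" name="username" id="username" onkeypress="return nospace(event);" onkeyup="check_username();" style="width:520px; padding:0px;" value="<?php echo htmlspecialchars((string) $record['username'], ENT_QUOTES, 'UTF-8'); ?>" />
                    	<span id="username_result"></span>
                    </div>
                </div>
                <div class="dangnhap_col">
                    <div class="dangnhap_col_title">
                        &nbsp; &nbsp; &nbsp;- Old Password:
                    </div>
                    <div class="dangnhap_col_input">
                        <input type="password" name="old_password" style="width:520px; padding:0px;" />
                    </div>
                </div>
                <div class="dangnhap_col">
                    <div class="dangnhap_col_title">
                        &nbsp; &nbsp; &nbsp;- New Password:
                    </div>
                    <div class="dangnhap_col_input">
                        <input type="password" name="new_password" style="width:520px; padding:0px;" />
                    </div>
                </div>
                
                <div class="dangnhap_col">
                    <div class="dangnhap_col_title" style="font-size:22px; color:#0E6BBB; width: 90%;">
                        More Information
                    </div>
                </div>
                <div class="dangnhap_col">
                    <div class="dangnhap_col_title">
                        &nbsp; &nbsp; &nbsp;- Full name:
                    </div>
                    <div class="dangnhap_col_input">
                        <input type="text" name="hoten" style="width:520px; padding:0px;" value="<?php echo htmlspecialchars((string) $record['hoten'], ENT_QUOTES, 'UTF-8'); ?>" />
                    </div>
                </div>
                <div class="dangnhap_col">
                    <div class="dangnhap_col_title">
                        &nbsp; &nbsp; &nbsp;- Phone:
                    </div>
                    <div class="dangnhap_col_input">
                        <input type="text" name="dienthoai" style="width:520px; padding:0px;" value="<?php echo htmlspecialchars((string) $record['dienthoai'], ENT_QUOTES, 'UTF-8'); ?>" />
                    </div>
                </div>
                <div class="dangnhap_col">
                    <div class="dangnhap_col_title">
                        &nbsp; &nbsp; &nbsp;- Adress:
                    </div>
                    <div class="dangnhap_col_input">
                        <input type="text" name="diachi" style="width:520px; padding:0px;" value="<?php echo htmlspecialchars((string) $record['diachi'], ENT_QUOTES, 'UTF-8'); ?>" />
                    </div>
                </div>
                <div class="dangnhap_col">
                    <div class="dangnhap_col_title">
                        &nbsp; &nbsp; &nbsp;- Email:
                    </div>
                    <div class="dangnhap_col_input">
                        <input type="text" name="email" style="width:520px; padding:0px;" value="<?php echo htmlspecialchars((string) $record['email'], ENT_QUOTES, 'UTF-8'); ?>" />
                    </div>
                </div>
                <div class="dangnhap_col">
                    <div class="dangnhap_col_title">
                        &nbsp; &nbsp; &nbsp;- Group:
                    </div>
                    <div class="dangnhap_col_input">
                        <input type="radio" name="idgroup" value="0" <?php if ($record['idgroup']==0) echo "checked='checked'"; ?> />Manager
                     	<input type="radio" name="idgroup" value="1" <?php if ($record['idgroup']==1) echo "checked='checked'"; ?> />Admin
                    </div>
                </div>
                <div class="dangnhap_col">
                    <div class="dangnhap_col_title">
                        &nbsp; &nbsp; &nbsp;- Block:
                    </div>
                    <div class="dangnhap_col_input">
                        <input type="radio" name="anhien" value="0" <?php if ($record['anhien']==0) echo "checked='checked'"; ?> />UnBlock
                     	<input type="radio" name="anhien" value="1" <?php if ($record['anhien']==1) echo "checked='checked'"; ?> />Block
                    </div>
                </div>
                <div class="dangnhap_col">
                    <div class="dangnhap_col_input">
                        <input type="image" src="imgs/save_button.png" border="0" />
                        <a href="javascript:history.go(-1);"><img src="imgs/exit_button.png" border="0" /></a>
                    </div>
                </div>
               	</form>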